疑似Oday
The exposure of the KACE Systems Management Appliance’s installer interface through the /common/setup.php endpoint allowed unauthorized access to the system setup wizard. This interface was publicly accessible when it should have been restricted, potentially granting attackers the ability to initiate or manipulate the setup process, leading to system compromise or unauthorized configuration changes.
id: kace-sma-installer
info:
name: KACE Systems Management Appliance - Installer
author: ritikc
...